Subject: Re: dhcp answers
To: Mipam <mipam@ibb.net>
From: Manuel Bouyer <bouyer@antioche.lip6.fr>
List: netbsd-help
Date: 01/24/2001 22:36:15
On Wed, Jan 24, 2001 at 01:56:37PM -0500, Mipam wrote:
> Hi,
> 
> I am using a machine which obtains an ip from a dhcp machine.
> I am also running ipf and blocking all, except for some conditions,
> or else I couldn't send this mail :)
> Normally a dhcp request is sent out to 255.255.255.255 port 67 tcp
> from my machine (correct me where I am wrong).
> An answer comes back to me on port 68 tcp from the dhcp machine.
> 
> Strangely enough, when booting I see that ipfilter is initialized
> and after that dhcp is done to obtain an address, and the answer to
> me is allowed to come in despite the block in all rule at
> the start. I must admit that I also have a rule that
> allows me to send out such traffic and is keeping state.
> But because the reply is normally sent to port 68 I do not expect
> that the reply is seen as a part of the connection.
> Could be wrong here though ....

It's because dhcp uses bpf, and so the request and the answer won't go
through the in-kernel network stack.

--
Manuel Bouyer <bouyer@antioche.eu.org>
--